Техническая информация
- '%TEMP%\nsb3.tmp\90018_ailiao.exe'
- '%TEMP%\nsb3.tmp\90018_ailiao.exe' (загружен из сети Интернет)
- %PROGRAM_FILES%\ffdy\reply.htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\index[1].htm
- %TEMP%\nsb3.tmp\Inetc.dll
- %TEMP%\nsb3.tmp\setup_3038.exe
- %TEMP%\nsb3.tmp\90018_ailiao.exe
- %TEMP%\nsb3.tmp\NSISdl.dll
- %PROGRAM_FILES%\ffdy\uninst.exe
- %TEMP%\nsb3.tmp\FindProcDLL.dll
- %TEMP%\nsb3.tmp\System.dll
- %TEMP%\nsg2.tmp
- %HOMEPATH%\Start Menu\Programs\·Е·ЕµзУ°\Uninstall.lnk
- %HOMEPATH%\Start Menu\Programs\·Е·ЕµзУ°\Website.lnk
- %PROGRAM_FILES%\ffdy\·Е·ЕµзУ°.url
- 'bb#.#hfmc.com':80
- 'os#.#hfmc.com':80
- bb#.#hfmc.com/yinyuefm.txt
- bb#.#hfmc.com/ailiao.txt
- os#.#hfmc.com/index.php
- DNS ASK bb#.#hfmc.com
- DNS ASK os#.#hfmc.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'